[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-3732Date: (C)2005-11-21   (M)2023-12-22


The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.8
Exploit Score: 10.0
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
SECTRACK-1015254
BID-15523
SECUNIA-17668
SECUNIA-17822
SECUNIA-17980
SECUNIA-18115
SECUNIA-18616
SECUNIA-18742
SECUNIA-19833
http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html
20060501-01-U
SECUNIA-20210
ADV-2005-2521
DSA-965
FLSA-2006:190941
GLSA-200512-04
MDKSA-2006:020
RHSA-2006:0267
SUSE-SA:2005:070
USN-221-1
http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000
http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3&r2=1.20.2.4&diff_format=u
http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en
oval:org.mitre.oval:def:9857

CWE    1
CWE-399

© SecPod Technologies